From 00bc2a8013a8261813fcf56509f22f72c2597691 Mon Sep 17 00:00:00 2001 From: Erich Eckner Date: Fri, 3 Jan 2020 14:04:02 +0100 Subject: mount-crypts: handle integrity targets without key, too --- mount-crypts | 42 +++++++++++++++++++++++++++++++++++------- 1 file changed, 35 insertions(+), 7 deletions(-) diff --git a/mount-crypts b/mount-crypts index b7ba106..e047a63 100755 --- a/mount-crypts +++ b/mount-crypts @@ -15,26 +15,54 @@ fi \ sleep 1 maxWait=$[${maxWait}-1] done + + # detects integrity correctly, too if cryptsetup status "${name}" 2>&1 >/dev/null; then is_mounted=true else is_mounted=false fi - if [ "$1" == "-u" ]; then + + if [ "x$1" == 'x-u' ]; then if ! ${is_mounted}; then continue fi - if ! /usr/sbin/cryptsetup luksClose "${name}"; then - >&2 echo "FEHLER: cryptsetup luksClose $name" - exit 1 + + if [ -n "${key}" ]; then + + if ! /usr/sbin/cryptsetup luksClose "${name}"; then + >&2 echo "FEHLER: cryptsetup luksClose $name" + exit 1 + fi + + else + + if ! /usr/sbin/integritysetup close "${name}"; then + >&2 echo "FEHLER: integritysetup close $name" + exit 1 + fi + fi + else if ${is_mounted}; then continue fi - if ! /usr/sbin/cryptsetup luksOpen "${device}" "${name}" --key-file "${key}"; then - >&2 echo "FEHLER: cryptsetup luksOpen ${device} ${name} --key-file ${key}" - exit 1 + + if [ -n "${key}" ]; then + + if ! /usr/sbin/cryptsetup luksOpen "${device}" "${name}" --key-file "${key}"; then + >&2 echo "FEHLER: cryptsetup luksOpen ${device} ${name} --key-file ${key}" + exit 1 + fi + + else + + if ! /usr/sbin/integritysetup open "${device}" "${name}"; then + >&2 echo "FEHLER: integritysetup open ${device} ${name}" + exit 1 + fi + fi fi done -- cgit v1.2.3-70-g09d2